
#166 cyphertext file format question

open
nobody
None
5
2011-12-05
2011-12-05
awswartz
No

First of all, I love Axcrypt!

But...
It appears that the first 15 bytes of every cyphertext file created with axcrypt are the same. This makes all axcrypt encrypted files easily identifiable with a search (regardless of filename or location).

What is in these fifteen bytes? Hopefully not the initialization vector? If so, I would think that each file gets a random and unique initialization vector.

Truecrypt (admittedly, a different solution to a different problem) outputs files with no characteristic "signature" so that encrypted data is indistinguishable from random data. That would seem to be a desirable behavior for axcrypt also (for plausible deniability).

I downloaded the source code, but with a quick glance I decided that it would take me forever to find the appropriate section to answer my question.

Discussion

  • I'm glad you like AxCrypt! The first 16 bytes are indeed identical and represent what is known as a 'GUID', a Globally Unique IDentifier. The purpose is just that - to make files easily identifiable by AxCrypt and for that matter other software that cares.

    It is only used for that. There is an IV since the bulk of the data is encrypted with CBC mode, but it is unique for each encryption, as is the actual Data Encrypting Key. If you encrypt the same file two different times, you'll find that the data part is entirely differently encrypted each time as a result of this.

    Although I have a high regard for TrueCrypt, and in fact use it myself for scenarios that do not fit AxCrypt, we do have some minor differences in philosophy concerning encryption. I do not adhere to the concept of 'plausible deniability' - I do not believe it has any real world value. In a theoretical situation where a regime does not allow encryption, I don't think 'plausible' matters. Such regimes have a long history of disregarding such issues when 'dealing' with subversive elements. In a western society with western legal traditions, it's likely not enough with 'plausible', as is evidenced by so many legal cases where the totality of evidence is weighed into the judgement. A typical contemporary comparable scenario is how illegal file sharing is handled. There are lots of plausible arguments in the defense of specific situations, but the legal system has an easy time finding more plausible arguments against the defendant. Look at the case of 'Pirate Bay', a torrent tracker site, in Sweden for example.

    There may be some case where 'plausible deniability' has actually helped someone, but I have not seen any well-documented references.

    I simply think it's an underestimation of the adversary to think that the TrueCrypt concept of plausible deniability has any real world value.

    I may be wrong of course! If you have any evidence of this, please forward me some links or other material about real world cases where it has been useful.

    There are some other issues as well. Encryption can be used for good and bad things, legal and illegal purposes. I'd like to think that I've tried to balance AxCrypt features to favor good and legal use, and not optimize for bad and illegal use. Some good and legal situations suffer because of this unfortunately, but that's how I've decided I need to think in order to keep a reasonably clear conscience.

    Best regards,

    Svante
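As an added example (not code from this ticket, nor AxCrypt's own), here is a small scanner that does the content-based search the opener describes, then measures the entropy of what follows the header, showing that the fixed prefix alone is what makes such a file distinguishable from random data. HEADER_MAGIC is a placeholder: the real AxCrypt GUID is not quoted on this page, and the sample files are constructed for the demonstration.

```python
import math
import os
import tempfile
from collections import Counter

# Placeholder 16-byte marker for this example only; NOT the real AxCrypt GUID.
HEADER_MAGIC = bytes.fromhex("0123456789abcdef0123456789abcdef")
HEADER_LEN = len(HEADER_MAGIC)

def read_header(path):
    """Return the first 16 bytes of a file, or None if the file is shorter."""
    with open(path, "rb") as f:
        head = f.read(HEADER_LEN)
    return head if len(head) == HEADER_LEN else None

def shannon_entropy(data):
    """Bits per byte; uniformly random bytes approach 8.0, text sits far lower."""
    if not data:
        return 0.0
    n = len(data)
    return -sum(c / n * math.log2(c / n) for c in Counter(data).values())

def find_tagged_files(root, magic=HEADER_MAGIC):
    """Walk `root` and return every file whose first 16 bytes equal `magic`."""
    hits = []
    for dirpath, _, names in os.walk(root):
        for name in names:
            path = os.path.join(dirpath, name)
            if read_header(path) == magic:
                hits.append(path)
    return sorted(hits)

def body_entropy(path):
    """Entropy of everything after the header, the part that should look random."""
    with open(path, "rb") as f:
        f.seek(HEADER_LEN)
        return shannon_entropy(f.read())

def make_constructed_samples():
    """Write three constructed files into a fresh temp dir and return its path:
    tagged + random body (stands in for ciphertext), plain text, and a tagged stub."""
    root = tempfile.mkdtemp(prefix="axc-sample-")
    os.makedirs(os.path.join(root, "sub"))
    with open(os.path.join(root, "sub", "notes.bak"), "wb") as f:
        f.write(HEADER_MAGIC + os.urandom(4096))
    with open(os.path.join(root, "readme.txt"), "wb") as f:
        f.write(b"just some plain text, nothing encrypted here\n" * 40)
    with open(os.path.join(root, "stub.bin"), "wb") as f:
        f.write(HEADER_MAGIC[:8])  # too short to hold a full header
    return root
```

Only the tagged file is reported, and its body scores close to 8 bits per byte while the text file does not; the stub is skipped because no full header can be read.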